We're currently dealing with some Subscribe Spam. Dealing with it, I
encountered a problem I need help with:
I used Mark's scrip list_pending
(https://www.msapiro.net/scripts/list_pending) to find out how many
Subscriptions we got and which adresses were used. I iterated over all
lists I got from list_lists --bare and took just the ones with "type:
S". Turns out we got 66608 subscriptions from 66560 different adresses.
Luckily, they all match the regex \w*\+\w*(a)gmail\.com, so I tried …
[View More]to
wipe the mess whith another script of Mark, erase
(https://www.msapiro.net/scripts/erase).
It works nicely for a bunch of lists, but I don't get why it doesn't
work with all of them. Looking more closely I found in
/var/lib/mailman/lists/<listname> the pending.pck file the script is
operating on.
Does someone have an idea why it might not work for all lists?
Regards, Ruediger
[View Less]
I've been assigned the task of attempting to secure our current implementation of GNU MailMan.
Have any of you out there done this?
What did you do?
Some of the initial items that have been directed my way:
1. Can archiving be totally and permanently be eliminated?
2. How and where are the passwords stored?
3. Can user passwords be eliminated and have the list administrator make any user adjustments which should not be necessary?
4. Does the website have to run …
[View More]in http: since passwords are entered at points in the interactions?
Thanks for your guidance and thoughts.
[View Less]
Dear,
Sorry if the text is difficult to understand. I am Brazilian and I do
not have many English language skills.
I'm just sending this email for information.
There we have I was not able to send emails from my server to some
domains [especially those linked to Microsoft (hotmail.como, msn.com,
outlook.com, etc.)].
Then I realized that the IP of my server was listed in the CBL blacklist.
I realized that one of the sites hosted on this server (which is also a
Web server) was infected …
[View More]by malware that was connecting all the time to
IP 192.42.116.41 (port 80 and 443).
This infection comes from Wordpress. One of my hosting clients used an
obsolete version of the Wordpress platform and was eventually hit.
Details here:
https://consultalinux.org/blog/ler_post.php?category=linux&id=129
Almost every source on his site had been encrypted.
Fortunately, the server automatically backs up the database every day.
Just delete the old WP, install the new upload dump of the DB.
After I resolved the problem, the IP was no longer listed.
Regards,
Henrique Fagundes
suporte(a)aprendendolinux.com
Skype: magnata-br-rj
Linux User: 475399
https://www.aprendendolinux.comhttps://www.facebook.com/AprendendoLinuxhttps://youtube.com/AprendendoLinuxhttps://twitter.com/AprendendoLinuxhttps://telegram.me/AprendendoLinux
______________________________________________________________________
Participe do Grupo Aprendendo Linux
https://listas.aprendendolinux.com/listinfo/aprendendolinux
Ou envie um e-mail para:
aprendendolinux-subscribe(a)listas.aprendendolinux.com
[View Less]